Question 1

Public key encryption uses two keys.

Accepted Answer

A) True 
 B)False

Question 2

Biometric authentication is the use of physical characteristics such as retinal images to provide identification.

Accepted Answer

A) True 
 B)False

Question 3

________ refers to policies, procedures, and technical measures used to prevent unauthorized access, alternation, theft, or physical damage to information systems.

Accepted Answer

A)  "Security" 
B)  "Controls" 
C)  "Benchmarking" 
D)  "Algorithms" 
A)  "Security" 
B)  "Controls" 
C)  "Benchmarking" 
D)  "Algorithms"

Question 4

Which of the following is not one of the main firewall screening techniques?

Accepted Answer

A)  application proxy filtering 
B)  static packet filtering 
C)  NAT 
D)  secure socket filtering 
A)  application proxy filtering 
B)  static packet filtering 
C)  NAT 
D)  secure socket filtering

Question 5

High-availability computing is also referred to as fault tolerance.

Accepted Answer

A) True 
 B)False

Question 6

An independent computer program that copies itself from one computer to another over a network is called a

Accepted Answer

A)  worm. 
B)  Trojan horse. 
C)  bug. 
D)  pest. 
A)  worm. 
B)  Trojan horse. 
C)  bug. 
D)  pest.

Question 7

How can a firm's security policies contribute and relate to the six main business objectives? Give examples.

Accepted Answer

1. Operational excellence: Security poli

Question 8

Which of the following statements about the Internet security is not true?

Accepted Answer

A)  The use of P2P networks can expose a corporate computer to outsiders. 
B)  A corporate network without access to the Internet is more secure than one provides access. 
C)  VoIP is more secure than the switched voice network. 
D)  Instant messaging can provide hackers access to an otherwise secure network. 
A)  The use of P2P networks can expose a corporate computer to outsiders. 
B)  A corporate network without access to the Internet is more secure than one provides access. 
C)  VoIP is more secure than the switched voice network. 
D)  Instant messaging can provide hackers access to an otherwise secure network.

Question 9

The HIPAA Act

Accepted Answer

A)  requires financial institutions to ensure the security of customer data. 
B)  specifies best practices in information systems security and control. 
C)  imposes responsibility on companies and management to safeguard the accuracy of financial information. 
D)  outlines medical security and privacy rules. 
A)  requires financial institutions to ensure the security of customer data. 
B)  specifies best practices in information systems security and control. 
C)  imposes responsibility on companies and management to safeguard the accuracy of financial information. 
D)  outlines medical security and privacy rules.

Question 10

Tricking employees to reveal their passwords by pretending to be a legitimate member of a company is called

Accepted Answer

A)  sniffing. 
B)  social engineering. 
C)  phishing. 
D)  pharming. 
A)  sniffing. 
B)  social engineering. 
C)  phishing. 
D)  pharming.

Question 11

________ is a crime in which an imposter obtains key pieces of personal information to impersonate someone else.

Accepted Answer

The answer of ________ is a crime in which an...

Question 12

Smaller firms may outsource some or many security functions to

Accepted Answer

A)  ISPs. 
B)  MISs. 
C)  MSSPs. 
D)  CAs. 
A)  ISPs. 
B)  MISs. 
C)  MSSPs. 
D)  CAs.

Question 13

You have just been hired as a security consultant by MegaMalls Inc., a national chain of retail malls, to make sure that the security of their information systems is up to par. Outline the steps you will take to achieve this.

Accepted Answer

1. Establish what data and processes are

Question 14

Approximately how many new threats from malware were detected by Internet security firms in 2012?

Accepted Answer

A)  400 thousand 
B)  4 million 
C)  40 million 
D)  400 million 
A)  400 thousand 
B)  4 million 
C)  40 million 
D)  400 million

Question 15

Hackers create a botnet by

Accepted Answer

A)  infecting Web search bots with malware. 
B)  using Web search bots to infect other computers. 
C)  causing other people's computers to become "zombie" PCs following a master computer. 
D)  infecting corporate servers with "zombie" Trojan horses that allow undetected access through a back door. 
A)  infecting Web search bots with malware. 
B)  using Web search bots to infect other computers. 
C)  causing other people's computers to become "zombie" PCs following a master computer. 
D)  infecting corporate servers with "zombie" Trojan horses that allow undetected access through a back door.

Question 16

Inputting data into a poorly programmed Web form in order to disrupt a company's systems and networks is called

Accepted Answer

A)  a Trojan horse. 
B)  an SQL injection attack. 
C)  key logging. 
D)  a DDoS attack. 
A)  a Trojan horse. 
B)  an SQL injection attack. 
C)  key logging. 
D)  a DDoS attack.

Question 17

In controlling network traffic to minimize slow-downs, a technology called ________ is used to examine data files and sort low-priority data from high-priority data.

Accepted Answer

A)  high availability computing 
B)  deep-packet inspection 
C)  application proxy filtering 
D)  stateful inspection 
A)  high availability computing 
B)  deep-packet inspection 
C)  application proxy filtering 
D)  stateful inspection

Question 18

How is the security of a firm's information system and data affected by its people, organization, and technology? Is the contribution of one of these dimensions any more important than the other? Why?

Accepted Answer

There are various technological essentia

Question 19

Electronic data are more susceptible to destruction, fraud, error, and misuse because information systems concentrate data in computer files that

Accepted Answer

A)  are usually bound up in legacy systems that are difficult to access and difficult to correct in case of error. 
B)  are not secure because the technology to secure them did not exist at the time the files were created. 
C)  have the potential to be accessed by large numbers of people and by groups outside of the organization. 
D)  are frequently available on the Internet. 
A)  are usually bound up in legacy systems that are difficult to access and difficult to correct in case of error. 
B)  are not secure because the technology to secure them did not exist at the time the files were created. 
C)  have the potential to be accessed by large numbers of people and by groups outside of the organization. 
D)  are frequently available on the Internet.

Question 20

Rigorous password systems

Accepted Answer

A)  are one of the most effective security tools. 
B)  may hinder employee productivity. 
C)  are costly to implement. 
D)  are often disregarded by employees. 
A)  are one of the most effective security tools. 
B)  may hinder employee productivity. 
C)  are costly to implement. 
D)  are often disregarded by employees.

Public key encryption uses two keys.

Biometric authentication is the use of physical characteristics such as retinal images to provide identification.

________ refers to policies, procedures, and technical measures used to prevent unauthorized access, alternation, theft, or physical damage to information systems.

Which of the following is not one of the main firewall screening techniques?

High-availability computing is also referred to as fault tolerance.

An independent computer program that copies itself from one computer to another over a network is called a

How can a firm's security policies contribute and relate to the six main business objectives? Give examples.

Which of the following statements about the Internet security is not true?

The HIPAA Act

Tricking employees to reveal their passwords by pretending to be a legitimate member of a company is called

________ is a crime in which an imposter obtains key pieces of personal information to impersonate someone else.

Smaller firms may outsource some or many security functions to

You have just been hired as a security consultant by MegaMalls Inc., a national chain of retail malls, to make sure that the security of their information systems is up to par. Outline the steps you will take to achieve this.

Approximately how many new threats from malware were detected by Internet security firms in 2012?

Hackers create a botnet by

Inputting data into a poorly programmed Web form in order to disrupt a company's systems and networks is called

In controlling network traffic to minimize slow-downs, a technology called ________ is used to examine data files and sort low-priority data from high-priority data.

How is the security of a firm's information system and data affected by its people, organization, and technology? Is the contribution of one of these dimensions any more important than the other? Why?

Electronic data are more susceptible to destruction, fraud, error, and misuse because information systems concentrate data in computer files that

Rigorous password systems

Information Systems in Global Business Today

Global E-Business and Collaboration

Information Systems, Organizations, and Strategy

Ethical and Social Issues in Information Systems

IT Infrastructure and Emerging Technologies

Foundations of Business Intelligence: Databases and Information Management

Telecommunications, the Internet, and Wireless Technology

Achieving Operational Excellence and Customer Intimacy: Enterprise Applications

E-Commerce: Digital Markets, Digital Goods

Managing Knowledge

Enhancing Decision Making

Building Information Systems

Managing Projects

Managing Global Systems

Filters

Exam 8: Securing Information Systems

Public key encryption uses two keys.

Biometric authentication is the use of physical characteristics such as retinal images to provide identification.

________ refers to policies, procedures, and technical measures used to prevent unauthorized access, alternation, theft, or physical damage to information systems.

Which of the following is not one of the main firewall screening techniques?

High-availability computing is also referred to as fault tolerance.

An independent computer program that copies itself from one computer to another over a network is called a

How can a firm's security policies contribute and relate to the six main business objectives? Give examples.

Which of the following statements about the Internet security is not true?

The HIPAA Act

Tricking employees to reveal their passwords by pretending to be a legitimate member of a company is called

________ is a crime in which an imposter obtains key pieces of personal information to impersonate someone else.

Smaller firms may outsource some or many security functions to

You have just been hired as a security consultant by MegaMalls Inc., a national chain of retail malls, to make sure that the security of their information systems is up to par. Outline the steps you will take to achieve this.

Approximately how many new threats from malware were detected by Internet security firms in 2012?

Hackers create a botnet by

Inputting data into a poorly programmed Web form in order to disrupt a company's systems and networks is called

In controlling network traffic to minimize slow-downs, a technology called ________ is used to examine data files and sort low-priority data from high-priority data.

How is the security of a firm's information system and data affected by its people, organization, and technology? Is the contribution of one of these dimensions any more important than the other? Why?

Electronic data are more susceptible to destruction, fraud, error, and misuse because information systems concentrate data in computer files that

Rigorous password systems

Information Systems in Global Business Today

Global E-Business and Collaboration

Information Systems, Organizations, and Strategy

Ethical and Social Issues in Information Systems

IT Infrastructure and Emerging Technologies

Foundations of Business Intelligence: Databases and Information Management

Telecommunications, the Internet, and Wireless Technology

Achieving Operational Excellence and Customer Intimacy: Enterprise Applications

E-Commerce: Digital Markets, Digital Goods

Managing Knowledge

Enhancing Decision Making

Building Information Systems

Managing Projects

Managing Global Systems

Filters